<?php
/**
 * [WeEngine System] Copyright (c) 2014 WE7.CC
 * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
 */
defined('IN_IA') or exit('Access Denied');

$signature = $_GPC['signature'];
$timestamp = $_GPC['timestamp'];
$eventId = $_GPC['eventId'];

function checkSignature($signature, $token, $timestamp, $eventId)
{
    $currentTimestamp = time();
    if ($currentTimestamp - $timestamp > 30) {
        return false;
    }
    $timestamp = (string)$timestamp;
    $eventId = (string)$eventId;
    $params = array($token, $timestamp, $eventId);
    sort($params, SORT_STRING);
    $str = implode('', $params);
    $requestSignature = hash('sha256', $str);
    return $signature === $requestSignature;
}
